We could probably come up with our own study just by finding every publicly traded company in the database and look at stock price history for X days following announcement of the breech. In fact, this could almost be automated if we added the ticker symbol to the database and then created a script that took advantage of a site containing access to stock trading data via an API...
<br><br><div><span class="gmail_quote">On 10/9/06, <b class="gmail_sendername">Adam Shostack</b> <<a href="mailto:adam@homeport.org">adam@homeport.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Fascinating. It contradicts "Is There a Cost to Privacy Breaches? An<br>Event Study," which Alan Friedman presented at the Workshop on<br>Economics of Infosec.<br><br><a href="http://weis2006.econinfosec.org/docs/40.pdf">
http://weis2006.econinfosec.org/docs/40.pdf</a><br><br>That study has a much larger dataset, and so I'm curious why EMA chose<br><br>such small datasets.<br><br>My thoughts on the paper are at<br><a href="http://www.emergentchaos.com/archives/2006/07/does_lost_data_matter.html">
http://www.emergentchaos.com/archives/2006/07/does_lost_data_matter.html</a><br><br><br><br>Adam<br><br><br>On Mon, Oct 09, 2006 at 11:26:11AM -0400, Dissent wrote:<br>| Australian-based analyst Hydrasight has teamed up with Colorado-based
<br>| researcher Enterprise Management Associates Inc. (EMA) to release a<br>| study on the current state of global enterprise information security.<br>|<br>| The report draws a comparison between the theft or breach of<br>
| confidential information and computer-facilitated financial fraud and<br>| the impact it has on organizations in terms of share price. While the<br>| organizations studied were based in the U.S., the findings reflect a<br>
| similar security environment in Australia.<br>|<br>| Scott Crawford, senior analyst with EMA, said within four weeks of<br>| public disclosure of details of an information breach, negative<br>| responses show up in the form of falling share prices. The impact can
<br>| be disturbing, he added.<br>|<br>| "EMA recently followed the closing stock prices of six US companies<br>| which had disclosed an information security breach between February<br>| 2005 and June 2006.<br>|<br>| "Within a month of disclosure, the average price of these stocks fell
<br>| by 5 percent, and remained in a range of 2.4 to 8.5 percent below<br>| that of the date of disclosure for another eight months," he said.<br>|<br>| "The stocks did not recover to pre-incident levels for nearly a year."
<br>|<br>| [...]<br>|<br>| <a href="http://www.webwereld.nl/articles/43234/data-leaks-hit-share-prices-hard.html">http://www.webwereld.nl/articles/43234/data-leaks-hit-share-prices-hard.html</a><br>|<br>| _______________________________________________
<br>| Dataloss Mailing List (<a href="mailto:dataloss@attrition.org">dataloss@attrition.org</a>)<br>| <a href="http://attrition.org/dataloss">http://attrition.org/dataloss</a><br>| Tracking more than 136 million compromised records in 403 incidents over 6 years.
<br>|<br>_______________________________________________<br>Dataloss Mailing List (<a href="mailto:dataloss@attrition.org">dataloss@attrition.org</a>)<br><a href="http://attrition.org/dataloss">http://attrition.org/dataloss
</a><br>Tracking more than 136 million compromised records in 403 incidents over 6 years.<br><br><br><br></blockquote></div><br>